package com.sky.ok.controller;

import com.sky.ok.common.ResponseBean;
import com.sky.ok.controller.exception.UnauthorizedException;
import com.sky.ok.shiro.*;
import com.sky.ok.shiro.entity.User;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.IncorrectCredentialsException;
import org.apache.shiro.authc.LockedAccountException;
import org.apache.shiro.authc.UnknownAccountException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.authz.annotation.Logical;
import org.apache.shiro.authz.annotation.RequiresAuthentication;
import org.apache.shiro.authz.annotation.RequiresPermissions;
import org.apache.shiro.authz.annotation.RequiresRoles;
import org.apache.shiro.subject.Subject;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.HttpStatus;
import org.springframework.web.bind.annotation.*;

import javax.servlet.http.HttpSession;

@RestController
public class WebController {

    private static final Logger LOGGER = LogManager.getLogger(WebController.class);

    //private UserService userService;

   /* @Autowired
    public void setService(UserService userService) {
        this.userService = userService;
    }*/

   /* @PostMapping("/login")
    public ResponseBean login(@RequestParam("username") String username,
                              @RequestParam("password") String password) {
        System.out.println("username+password:" + username + password);
        UsernamePasswordToken usernamePasswordToken = new UsernamePasswordToken(username, password);
        Subject subject = SecurityUtils.getSubject();
        try {
            //登录操作
            subject.login(usernamePasswordToken);
            //  User user=(User) subject.getPrincipal();
            //更新用户登录时间，也可以在ShiroRealm里
            //  session.setAttribute("user", user);
            return new ResponseBean(200, "Login success", username + password);
        } catch (Exception e) {
            System.out.println(e.getMessage());
            if (e instanceof IncorrectCredentialsException) {
                return new ResponseBean(201, "Login fail", "用户名或密码错误");
            }
            if (e instanceof LockedAccountException) {
                return new ResponseBean(201, "Login fail", "帐号已被锁定请联系管理员");
            }
        }
        return new ResponseBean(500, "server error", null);
    }*/

/*

    @RequestMapping("/logout")
    public ResponseBean logout(HttpSession session) {
        Subject subject = SecurityUtils.getSubject();
        subject.logout();
        return new ResponseBean(200, "logout success", "成功退出");
    }
*/

    @GetMapping("/article")
    public ResponseBean article() {
        Subject subject = SecurityUtils.getSubject();
        if (subject.isAuthenticated()) {
            return new ResponseBean(200, "You are already logged in", null);
        } else {
            return new ResponseBean(200, "You are guest", null);
        }
    }

    @GetMapping("/require_auth")
    @RequiresAuthentication
    public ResponseBean requireAuth() {
        return new ResponseBean(200, "You are authenticated", null);
    }

    @GetMapping("/require_role")
    @RequiresRoles("admin")
    public ResponseBean requireRole() {
        return new ResponseBean(200, "You are visiting require_role", null);
    }

    @GetMapping("/require_permission")
    @RequiresPermissions(logical = Logical.AND, value = {"view", "edit"})
    public ResponseBean requirePermission() {
        return new ResponseBean(200, "You are visiting permission require edit,view", null);
    }

    @RequestMapping(path = "/401")
    @ResponseStatus(HttpStatus.UNAUTHORIZED)
    public ResponseBean unauthorized() {
        return new ResponseBean(401, "Unauthorized", null);
    }
}
